Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/qv8-e0KklEjy5wYnClx6GJAtfcU.roa
File: qv8-e0KklEjy5wYnClx6GJAtfcU.roa (raw, json)
Hash identifier: 1m3aWU9PWctfhKLx0GST1aMeZnUmN0aCrrOVUToaJug=
Subject key identifier: AA:FF:3E:7B:42:A4:94:48:F2:E7:06:27:0A:5C:7A:18:90:2D:7D:C5
Certificate issuer: /CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Certificate serial: 01881ED3123A6C1DC151D1E387519650DBFB
Authority key identifier: 21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/qv8-e0KklEjy5wYnClx6GJAtfcU.roa
Signing time: Mon 15 May 2023 09:52:09 +0000
ROA not before: Mon 15 May 2023 09:52:09 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 200088
IP address blocks: 188.225.14.0/24 maxlen: 24
90.156.228.0/24 maxlen: 24
90.156.231.0/24 maxlen: 24
94.228.122.0/24 maxlen: 24
217.151.229.0/24 maxlen: 24
217.151.231.0/24 maxlen: 24
188.225.60.0/24 maxlen: 24
185.104.112.0/24 maxlen: 24
185.104.115.0/24 maxlen: 24
217.25.91.0/24 maxlen: 24
194.35.116.0/24 maxlen: 24
194.35.118.0/24 maxlen: 24
194.35.117.0/24 maxlen: 24
217.25.95.0/24 maxlen: 24
194.35.119.0/24 maxlen: 24
193.201.115.0/24 maxlen: 24
89.191.228.0/24 maxlen: 24
87.249.50.0/24 maxlen: 24
78.40.216.0/24 maxlen: 24
85.193.93.0/24 maxlen: 24
85.193.92.0/24 maxlen: 24
85.193.95.0/24 maxlen: 24
176.57.221.0/24 maxlen: 24
2a03:6f00:8::/48 maxlen: 48
Validation: Failed, certificate revoked
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:88:1e:d3:12:3a:6c:1d:c1:51:d1:e3:87:51:96:50:db:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2160b2b1c829d88936b1adaeec97fdd1b40d41e5
Validity
Not Before: May 15 09:52:09 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=aaff3e7b42a49448f2e706270a5c7a18902d7dc5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:6d:e8:74:53:c2:9d:a8:25:a3:e4:16:5c:41:
d3:d0:47:01:d9:4a:22:03:59:b7:86:5e:37:3b:d0:
56:24:b1:87:1a:30:3e:25:b2:43:3b:c5:60:36:64:
26:cd:a3:40:cc:19:51:f7:58:c0:91:03:fd:9a:0b:
af:01:a8:17:c8:6e:32:94:dc:f7:0d:e0:5a:8f:82:
8a:9b:6f:a5:11:2d:c8:85:f8:b9:c1:db:b8:93:2a:
e0:e7:ad:9d:b6:27:32:06:db:6e:55:71:20:c7:55:
8a:a3:a3:c2:a5:d6:b8:97:b0:85:40:91:eb:c3:e9:
61:be:cb:88:63:74:e7:02:33:71:97:55:5f:af:86:
b5:b1:6e:27:96:22:9d:2e:df:4c:d1:db:43:ce:e2:
83:ce:c2:ee:c2:34:38:7d:be:29:b3:43:de:6c:6b:
e8:59:31:33:ad:77:65:fb:b7:7d:e3:5d:cd:34:65:
8d:56:18:ee:be:6d:e1:dd:9f:59:b0:c1:d1:65:e9:
11:ac:a0:19:eb:d1:ba:e9:6c:51:78:42:ef:90:f5:
e0:ad:86:71:09:ca:5e:7e:d8:5a:48:57:9b:23:2a:
29:d7:86:32:1e:c3:02:0a:b7:39:71:dc:65:40:14:
d2:ba:fa:14:f5:b9:77:f2:fe:7a:4a:86:10:f0:d2:
cd:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:FF:3E:7B:42:A4:94:48:F2:E7:06:27:0A:5C:7A:18:90:2D:7D:C5
X509v3 Authority Key Identifier:
keyid:21:60:B2:B1:C8:29:D8:89:36:B1:AD:AE:EC:97:FD:D1:B4:0D:41:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IWCyscgp2Ik2sa2u7Jf90bQNQeU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/qv8-e0KklEjy5wYnClx6GJAtfcU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/db1e20-dc36-488d-91a1-3df7faf3535d/1/IWCyscgp2Ik2sa2u7Jf90bQNQeU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.40.216.0/24
85.193.92.0/23
85.193.95.0/24
87.249.50.0/24
89.191.228.0/24
90.156.228.0/24
90.156.231.0/24
94.228.122.0/24
176.57.221.0/24
185.104.112.0/24
185.104.115.0/24
188.225.14.0/24
188.225.60.0/24
193.201.115.0/24
194.35.116.0/22
217.25.91.0/24
217.25.95.0/24
217.151.229.0/24
217.151.231.0/24
IPv6:
2a03:6f00:8::/48
Signature Algorithm: sha256WithRSAEncryption
39:43:98:48:45:da:ef:db:23:22:47:38:ae:fd:51:b0:fd:0d:
87:bd:51:f1:0a:3e:55:54:1a:5b:32:e9:89:a4:42:46:ed:9b:
40:c0:8c:b1:33:a2:64:52:4b:7d:47:8e:75:48:18:fa:14:3c:
ed:a7:66:9f:9b:4e:20:fd:a1:f9:b6:f9:63:7f:3a:dd:31:49:
8d:a4:3e:31:90:72:43:6b:cf:df:c0:29:31:8f:ba:9c:04:b3:
c2:99:60:7f:6e:3d:50:ef:af:0a:da:6e:7f:ad:f5:4f:f0:dc:
18:94:62:bd:82:84:a8:dd:21:54:d8:42:87:25:25:36:37:ad:
86:1e:78:0b:ad:07:5d:7a:36:0f:25:02:e2:fe:76:76:12:07:
c9:ef:bd:24:89:95:9e:9d:d7:bb:0c:5e:98:15:50:75:38:d7:
e5:12:97:db:a8:73:d0:b8:cb:fd:3e:fa:ec:26:f8:04:fd:65:
aa:b2:a7:b9:0c:0f:92:e7:15:51:36:f4:57:87:54:49:e6:16:
30:c1:78:10:30:f2:f1:8a:e4:1d:a9:09:ed:82:4c:38:cf:a6:
da:70:c0:07:8b:c8:e6:75:a5:ee:b1:52:fb:b9:5d:e4:21:5f:
57:7d:e5:9a:9e:9c:eb:d4:c5:02:58:02:10:4a:ef:6d:88:fb:
89:cf:4b:2f
-----BEGIN CERTIFICATE-----
MIIFfTCCBGWgAwIBAgISAYge0xI6bB3BUdHjh1GWUNv7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxNjBiMmIxYzgyOWQ4ODkzNmIxYWRhZWVjOTdmZGQxYjQw
ZDQxZTUwHhcNMjMwNTE1MDk1MjA5WhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYWZmM2U3YjQyYTQ5NDQ4ZjJlNzA2MjcwYTVjN2ExODkwMmQ3ZGM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApG3odFPCnaglo+QWXEHT0EcB2Uoi
A1m3hl43O9BWJLGHGjA+JbJDO8VgNmQmzaNAzBlR91jAkQP9mguvAagXyG4ylNz3
DeBaj4KKm2+lES3Ihfi5wdu4kyrg562dticyBttuVXEgx1WKo6PCpda4l7CFQJHr
w+lhvsuIY3TnAjNxl1Vfr4a1sW4nliKdLt9M0dtDzuKDzsLuwjQ4fb4ps0PebGvo
WTEzrXdl+7d9413NNGWNVhjuvm3h3Z9ZsMHRZekRrKAZ69G66WxReELvkPXgrYZx
CcpefthaSFebIyop14YyHsMCCrc5cdxlQBTSuvoU9bl38v56SoYQ8NLNAQIDAQAB
o4ICiTCCAoUwHQYDVR0OBBYEFKr/PntCpJRI8ucGJwpcehiQLX3FMB8GA1UdIwQY
MBaAFCFgsrHIKdiJNrGtruyX/dG0DUHlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEt
M2RmN2ZhZjM1MzVkLzEvcXY4LWUwS2tsRWp5NXdZbkNseDZHSkF0ZmNVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9kYjFlMjAtZGMzNi00ODhkLTkxYTEtM2RmN2ZhZjM1MzVk
LzEvSVdDeXNjZ3AySWsyc2EydTdKZjkwYlFOUWVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGeBggrBgEFBQcBBwEB/wSBjjCBizB4BAIAATByAwQATijY
AwQBVcFcAwQAVcFfAwQAV/kyAwQAWb/kAwQAWpzkAwQAWpznAwQAXuR6AwQAsDnd
AwQAuWhwAwQAuWhzAwQAvOEOAwQAvOE8AwQAwclzAwQCwiN0AwQA2RlbAwQA2Rlf
AwQA2ZflAwQA2ZfnMA8EAgACMAkDBwAqA28AAAgwDQYJKoZIhvcNAQELBQADggEB
ADlDmEhF2u/bIyJHOK79UbD9DYe9UfEKPlVUGlsy6YmkQkbtm0DAjLEzomRSS31H
jnVIGPoUPO2nZp+bTiD9ofm2+WN/Ot0xSY2kPjGQckNrz9/AKTGPupwEs8KZYH9u
PVDvrwrabn+t9U/w3BiUYr2ChKjdIVTYQoclJTY3rYYeeAutB116Ng8lAuL+dnYS
B8nvvSSJlZ6d17sMXpgVUHU41+USl9uoc9C4y/0++uwm+AT9Zaqyp7kMD5LnFVE2
9FeHVEnmFjDBeBAw8vGK5B2pCe2CTDjPptpwwAeLyOZ1pe6xUvu5XeQhX1d95Zqe
nOvUxQJYAhBK722I+4nPSy8=
-----END CERTIFICATE-----
Generated at Thu Jul 20 00:10:41 2023 by rpki-client on console-ams.rpki-client.org